It starts innocently enough. An email from a colleague with a link to an article they thought you’d like. But when you click on it, your troubles start.
It’s not The Australian or The New York Times that you’re taken to. Instead, you’re directed to a screen that tells you all of the data stored on your computer has been encrypted. Worse still, you’re not going to get it back unless you pay. And to top it off, for every 30 minutes you delay, a piece of data will be destroyed or the price of having it unlocked will increase.
What’s happened is that you’ve just downloaded dangerous ransomware to your system. And ransomware is on the rise.
How ransomware works
Unlike other cyber-attacks which tend to try to steal your data (especially your financial data), ransomware is – at least in one sense – decidedly low-tech in its approach. It’s the cyber equivalent of kidnapping, it’s just that instead of taking people hostage, the scammers hold your data.
They do this by introducing a file to your computer, often via a fake email link. Like our scenario above, scammers using ransomware often ‘scrape’ people’s social media profiles or company websites to impersonate someone close to them. Alternatively, they may try to introduce ransomware onto your computer through a fake warning ‘pop up’, which tells you that you have been engaging in illegal activity. The only thing you can do to remedy it is to select the link.
Whichever method the scammers use to expose you to ransomware, the result is the same: when you click on a link to find out more, the ransomware injects a script onto your machine which encrypts all your files and locks you out from accessing them. To get them back, you’ll usually have to deposit bitcoin into the scammers’ accounts – although some enterprising scammers will offer a range of payment options, including credit cards.
What if this happens to you?
The most immediate question becomes whether or not to pay the scammers to get your files back. Many people choose to do so.
In 2013, the most famous ransomware, Cryptolocker, reportedly made its developers more than US$30 million in just 100 days.
Globally, the construction industry is the most targeted by ransomware. In a report by IT company Datto they found that the ups and downs of the economy and rarity of recurring revenue has impacted the construction industry’s ability to protect itself from ransomware. The report by Datto also found that the number of ransomware attacks against small to medium businesses is on the rise, with 91 per cent of managed service providers in Australia and New Zealand reporting attacks against small to medium businesses, the highest rate globally.
But that doesn’t mean you should pay.
The good news is that as ransomware becomes more common, there has been an increase in free decrypting software being posted online, which will do the job for you. However, decrypting software isn’t available for every type of ransomware.
Another option may be to pay an IT professional to take it off for you (although you may still lose data unless you have backups). However, that’s likely to be more expensive than paying off the scammers. At least, that’s what they’re counting on.
But, by not doing so, you’re putting money into the hands of criminals and encouraging them to continue with their scam.